Ask the Experts

Ask the Experts

• How was a black box attack used to exploit ATM vulnerabilities?

  Researchers from Positive Technologies found flaws affecting NCR ATMs. Discover how these ATM vulnerabilities work and how a patch can mitigate this attack.  Continue Reading

• How were attackers able to bypass 2FA in a Reddit breach?

  Reddit announced a breach after users were socially engineered and attackers bypassed 2FA protocols. Discover how this attack was possible and how sites can avoid falling victim.  Continue Reading

• Can a D-Link router vulnerability threaten bank customers?

  A D-Link router vulnerability was used to send banking users to a fake site in order to steal their information. Learn more about this vulnerability with expert Judith Myerson.  Continue Reading

• How container security tools affect overall system security

  Container security continues to be a pressing issue as containers and hosts are being used more frequently. Learn how to keep your enterprise safe with Matt Pascucci.  Continue Reading

• How does a Bluetooth vulnerability enable validation attacks?

  Bluetooth devices might be at risk after a new Bluetooth vulnerability was found targeting firmware and operating system software drivers. Learn how it works and can be mitigated.  Continue Reading

• How does Thanatos ransomware decryptor tool restore data?

  Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been paid.  Continue Reading

• How is the Trezor cryptocurrency online wallet under attack?

  A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it with expert Nick Lewis.  Continue Reading

• How does signed software help mitigate malware?

  Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this attack.  Continue Reading

• How does the Mylobot botnet differ from a typical botnet?

  The new Mylobot botnet demonstrated new, complex tools and techniques that are modifying botnet attacks. Learn how this botnet differs from a typical botnet with Nick Lewis.  Continue Reading

• How does new MacOS malware target users through chat?

  New malware targets cryptocurrency investors through MacOS and chat platforms were recently discovered. Learn how OSX.Dummy malware works and what users can do to spot the attack.  Continue Reading

• How is Plead malware used for cyberespionage attacks?

  Cyberespionage hackers have used stolen digital certificates to steal data. Expert Michael Cobb explains how hackers sign Plead malware to conduct these attacks.  Continue Reading

• What is behind the growing trend of BEC attacks?

  BEC attacks cost over $676 million in 2017, according to the FBI's Internet Crime Report. Learn how to recognize possible BEC attacks from expert Michael Cobb.  Continue Reading

• How does site isolation defend against Spectre vulnerabilities?

  Spectre exploits how processors manage performance-enhancing features. Expert Michael Cobb explains Google Chrome's initiative to use site isolation as a defense mechanism.  Continue Reading

• How does the public Venmo API pose a threat for users?

  The public Venmo API setting puts users at risk by providing detailed insight into their transactions and personal lives. Expert Michael Cobb discusses the risks of public APIs.  Continue Reading

• How can U2F authentication end phishing attacks?

  By requiring employees to use U2F authentication and physical security keys, Google eliminated phishing attacks. Learn how the combination works from expert Michael Cobb.  Continue Reading